EnempE writes: "The U.S. Department of Health & Human Services has created an online tool for the disclosure of breaches of personal privacy affecting greater than 500 individuals as required by the HITECH Act.

Quick analysis of the information released suggests that Hacking and IT related breaches account for only about 8% of the incidents and records affected, while theft and loss is the cause of 70% of personal privacy breaches.

Although a loss of hardware containing data in a theft or loss does not translate to a threat to privacy as readily as exposure through hacking, it does highlight an area of concern. It is reasonable to expect that not all IT related breaches are reported if they go undiscovered, or are not considered significant by the staff whereas a stolen item is likely to be reported. Nonetheless, it does highlight the need for general staff to be aware of their role in data security.